PT0-003 · Question #243
Question
SIMULATION. A penetration tester is using a test account within an application to discover any vulnerabilities within the change-email function. During testing, the penetration tester discovers the application is vulnerable to an attack that would allow the tester to change a user's email address while the user is logged in. The user's account would be disabled after three unsuccessful login attempts.

INSTRUCTIONS

Part 1: Examine the two HTTP requests in which the penetration tester was successful in changing the test email address within the application and identify the type of attack that has most likely exploited the vulnerability.

Part 2: Use the drop-down menus to select elements to represent the malicious HTTP request that will accomplish the desired exploit.

If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Answer:

Part 1 - Identifying the Attack Type

Two details in the stem narrow the answer. The account locks after three failed logins, so password guessing or brute force is not viable, and the address can only be changed while the victim is logged in, so the attack must ride on the victim's existing authenticated session rather than on their credentials. Given the captured HTTP requests, the attack that best fits is Cross-Site Request Forgery (CSRF). CSRF exploits the trust a web application places in the user's browser: the browser attaches the session cookie to every request it sends to the site, including a request triggered by a page the attacker controls, so an authenticated user can be made to submit a state-changing request without knowing it. In this case, the attacker could craft a request to the change-email endpoint that sets the user's email address without their consent. This works when the application does not validate where the request came from, for example with a per-session CSRF token, an Origin or Referer check, or SameSite session cookies.
Part 2 - Correct Malicious HTTP Request Selections (Based on Images)

To craft the malicious HTTP request from the elements available in the drop-down menus:
- First Dropdown (HTTP Method): POST
- Second Dropdown (Endpoint Path): /email/change
- Host: somedomain.com
- Cookie (Session): yxSasdas3892NJoalsdjUY321
- Payload (Email Parameter Change): [email protected]

These selections reproduce the request the application accepted during testing, with the email parameter pointing at the attacker-controlled address. The session cookie is not something the attacker types in by hand: the victim's browser attaches it automatically to the forged request, which is exactly what CSRF relies on. Cookie poisoning would only come into play if the session value itself could be manipulated, and nothing in the simulation indicates that; the weakness being exploited is the missing anti-CSRF control on the change-email function.
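To make the difference concrete, the following is an added example (not part of the exam question or the simulation's own code) that models the change-email endpoint twice: once trusting only the session cookie, as the vulnerable application does, and once also requiring a session-bound CSRF token and a same-origin source. The host, path and cookie value mirror the drop-down selections above; the server secret, the attacker origin and the attacker's email address are assumptions made up for the example. It also builds the auto-submitting HTML form that turns the selected POST into a request the victim's browser sends on the attacker's behalf.

```python
"""Constructed model of /email/change: a CSRF-vulnerable handler beside a hardened one.
Host, path and cookie value come from the simulation; everything else is assumed."""
import hashlib
import hmac
from dataclasses import dataclass
from urllib.parse import urlsplit

HOST = "somedomain.com"
ENDPOINT = "/email/change"
SESSION_COOKIE = "yxSasdas3892NJoalsdjUY321"      # session value shown in the simulation
SERVER_SECRET = b"example-only-secret-change-me"   # assumption: server-side HMAC key
ATTACKER_ORIGIN = "https://attacker.example"       # assumption: site hosting the forged form
ATTACKER_EMAIL = "attacker@attacker.example"       # assumption: address the attacker wants set


@dataclass
class Request:
    method: str
    path: str
    headers: dict
    form: dict


def make_sessions():
    """Fresh server-side session table with one logged-in test account (constructed)."""
    return {SESSION_COOKIE: {"user": "testuser", "email": "test@somedomain.com"}}


def session_from(req, sessions):
    """Resolve the session named in the Cookie header; the browser adds this header itself."""
    for part in req.headers.get("Cookie", "").split(";"):
        name, _, value = part.strip().partition("=")
        if name == "session" and value in sessions:
            return value, sessions[value]
    return None, None


def vulnerable_change_email(req, sessions):
    """Trusts the cookie alone: any site that makes the victim's browser POST here succeeds."""
    if req.method != "POST" or req.path != ENDPOINT:
        return 404, "not found"
    _, sess = session_from(req, sessions)
    if sess is None:
        return 401, "login required"
    sess["email"] = req.form["email"]
    return 200, "email changed"


def csrf_token_for(session_id):
    """Anti-CSRF token bound to the session via HMAC; unguessable without SERVER_SECRET."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def hardened_change_email(req, sessions):
    """Same endpoint with two independent checks: same-origin source and a valid CSRF token."""
    if req.method != "POST" or req.path != ENDPOINT:
        return 404, "not found"
    sid, sess = session_from(req, sessions)
    if sess is None:
        return 401, "login required"
    # Compare scheme and host of Origin (or Referer) exactly, not by prefix.
    src = urlsplit(req.headers.get("Origin") or req.headers.get("Referer", ""))
    if (src.scheme, src.netloc) != ("https", HOST):
        return 403, "cross-site request rejected"
    if not hmac.compare_digest(req.form.get("csrf_token", ""), csrf_token_for(sid)):
        return 403, "missing or invalid csrf token"
    sess["email"] = req.form["email"]
    return 200, "email changed"


def forged_request(attacker_email):
    """The request the victim's browser sends after loading the attacker's page: the attacker
    chooses method, path and body; the browser supplies the victim's session cookie."""
    return Request("POST", ENDPOINT, {
        "Host": HOST,
        "Origin": ATTACKER_ORIGIN,
        "Cookie": f"session={SESSION_COOKIE}",
        "Content-Type": "application/x-www-form-urlencoded",
    }, {"email": attacker_email})


def legitimate_request(new_email):
    """The same change made from the application's own page, carrying the token it rendered."""
    return Request("POST", ENDPOINT, {
        "Host": HOST,
        "Origin": f"https://{HOST}",
        "Cookie": f"session={SESSION_COOKIE}",
        "Content-Type": "application/x-www-form-urlencoded",
    }, {"email": new_email, "csrf_token": csrf_token_for(SESSION_COOKIE)})


def attacker_page(attacker_email):
    """HTML the attacker hosts; a logged-in victim who loads it submits the form automatically."""
    return (
        f'<form id="f" method="POST" action="https://{HOST}{ENDPOINT}">'
        f'<input type="hidden" name="email" value="{attacker_email}"></form>'
        '<script>document.getElementById("f").submit()</script>'
    )


def demo():
    """Run the forged request against both handlers and a legitimate one against the hardened handler."""
    vuln = make_sessions()
    v_status, _ = vulnerable_change_email(forged_request(ATTACKER_EMAIL), vuln)
    hard = make_sessions()
    h_status, _ = hardened_change_email(forged_request(ATTACKER_EMAIL), hard)
    email_after_forgery = hard[SESSION_COOKIE]["email"]
    l_status, _ = hardened_change_email(legitimate_request("new@somedomain.com"), hard)
    return {
        "vulnerable": (v_status, vuln[SESSION_COOKIE]["email"]),
        "hardened_forged": (h_status, email_after_forgery),
        "hardened_legit": (l_status, hard[SESSION_COOKIE]["email"]),
    }
```

Running `demo()` shows the vulnerable handler accepting the forged POST (200, address overwritten) while the hardened handler rejects it with 403 and leaves the address untouched, yet still accepts the same change when it arrives from the application's own page with its token. Either check alone already stops the forged request; they are kept independent so that a bug in one does not reopen the endpoint.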
Options
- task: Identify the vulnerability within the application's change-email function and construct a malicious HTTP request to exploit it.
- prerequisites: A logged-in test account with an active session in the target application.